diff options
author | Rajesh Amaravathi <rajesh@redhat.com> | 2012-02-29 15:16:53 +0530 |
---|---|---|
committer | Vijay Bellur <vijay@gluster.com> | 2012-03-05 09:17:47 -0800 |
commit | 6756245b1514374712136c8dc1f4ac2a19a6da21 (patch) | |
tree | f2620650880325ac3d0b280c349372cd50d3382d /xlators/features/quota | |
parent | 33b9f156e6b6137e33bd9becfe640166986ecc55 (diff) |
fops/removexattr: prevent users from removing glusterfs xattrs
* Each xlator prevents the user from removing xlator-specific
xattrs like trusted.gfid by handling it in respective removexattr
functions.
* For xlators which did not define remove and fremovexattr,
the functions have been implemented with appropriate checks.
xlator | fops-added
_______________|__________________________
|
1. stripe | removexattr and fremovexattr
2. quota | removexattr and fremovexattr
Change-Id: I98e22109717978134378bc75b2eca83fefb2abba
BUG: 783525
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2836
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Diffstat (limited to 'xlators/features/quota')
-rw-r--r-- | xlators/features/quota/src/quota.c | 115 |
1 files changed, 91 insertions, 24 deletions
diff --git a/xlators/features/quota/src/quota.c b/xlators/features/quota/src/quota.c index d819ea7845c..844a0981dd8 100644 --- a/xlators/features/quota/src/quota.c +++ b/xlators/features/quota/src/quota.c @@ -2721,6 +2721,71 @@ quota_fsetxattr (call_frame_t *frame, xlator_t *this, fd_t *fd, } +int +quota_removexattr_cbk (call_frame_t *frame, void *cookie, + xlator_t *this, int32_t op_ret, int32_t op_errno) +{ + QUOTA_STACK_UNWIND (removexattr, frame, op_ret, op_errno); + return 0; +} + +int +quota_removexattr (call_frame_t *frame, xlator_t *this, + loc_t *loc, const char *name) +{ + int32_t op_errno = EINVAL; + + VALIDATE_OR_GOTO (this, err); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.quota*", + name, op_errno, err); + + VALIDATE_OR_GOTO (frame, err); + VALIDATE_OR_GOTO (loc, err); + + STACK_WIND (frame, quota_removexattr_cbk, + FIRST_CHILD(this), + FIRST_CHILD(this)->fops->removexattr, + loc, name); + return 0; +err: + QUOTA_STACK_UNWIND (removexattr, frame, -1, op_errno); + return 0; +} + + +int +quota_fremovexattr_cbk (call_frame_t *frame, void *cookie, + xlator_t *this, int32_t op_ret, int32_t op_errno) +{ + QUOTA_STACK_UNWIND (fremovexattr, frame, op_ret, op_errno); + return 0; +} + +int +quota_fremovexattr (call_frame_t *frame, xlator_t *this, + fd_t *fd, const char *name) +{ + int32_t op_ret = -1; + int32_t op_errno = EINVAL; + + VALIDATE_OR_GOTO (frame, err); + VALIDATE_OR_GOTO (this, err); + VALIDATE_OR_GOTO (fd, err); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.quota*", + name, op_errno, err); + + STACK_WIND (frame, quota_fremovexattr_cbk, + FIRST_CHILD(this), + FIRST_CHILD(this)->fops->fremovexattr, + fd, name); + return 0; + err: + QUOTA_STACK_UNWIND (fremovexattr, frame, op_ret, op_errno); + return 0; +} + int32_t quota_statfs_cbk (call_frame_t *frame, void *cookie, xlator_t *this, int32_t op_ret, int32_t op_errno, struct statvfs *buf) @@ -3054,30 +3119,32 @@ fini (xlator_t *this) struct xlator_fops fops = { - .statfs = quota_statfs, - .lookup = quota_lookup, - .writev = quota_writev, - .create = quota_create, - .mkdir = quota_mkdir, - .truncate = quota_truncate, - .ftruncate = quota_ftruncate, - .unlink = quota_unlink, - .symlink = quota_symlink, - .link = quota_link, - .rename = quota_rename, - .getxattr = quota_getxattr, - .fgetxattr = quota_fgetxattr, - .stat = quota_stat, - .fstat = quota_fstat, - .readlink = quota_readlink, - .readv = quota_readv, - .fsync = quota_fsync, - .setattr = quota_setattr, - .fsetattr = quota_fsetattr, - .mknod = quota_mknod, - .setxattr = quota_setxattr, - .fsetxattr = quota_fsetxattr, - .readdirp = quota_readdirp, + .statfs = quota_statfs, + .lookup = quota_lookup, + .writev = quota_writev, + .create = quota_create, + .mkdir = quota_mkdir, + .truncate = quota_truncate, + .ftruncate = quota_ftruncate, + .unlink = quota_unlink, + .symlink = quota_symlink, + .link = quota_link, + .rename = quota_rename, + .getxattr = quota_getxattr, + .fgetxattr = quota_fgetxattr, + .stat = quota_stat, + .fstat = quota_fstat, + .readlink = quota_readlink, + .readv = quota_readv, + .fsync = quota_fsync, + .setattr = quota_setattr, + .fsetattr = quota_fsetattr, + .mknod = quota_mknod, + .setxattr = quota_setxattr, + .fsetxattr = quota_fsetxattr, + .removexattr = quota_removexattr, + .fremovexattr = quota_fremovexattr, + .readdirp = quota_readdirp, }; struct xlator_cbks cbks = { |